Fundamentals of Information Systems Security Chapter 9 – Flashcards

question
_____offers a mechanism to accomplish four security goals: confidentiality, integrity, authentication, and nonrepudiation.
answer
Cryptography
question
True or false. A strong hash function is designed so that a message cannot be forged that will result in the same hash as a legitimate message.
answer
true
question
The act of scrambling plaintext into ciphertext is known as ____.
answer
encryption
question
An algorithm used for cryptographic purposes is known as _____.
answer
Public key
question
True or false: Encryption ciphers fall into two general categories: symmetric[private] key and asymmetric[public] key.
answer
true
question
An encryption cipher that uses the same key to encrypt and decrypt is called a ____ key.
answer
Symmetric(private)
question
____ corroborates the identity of an entity, whether the sender, the sender's computer, some device, or some information.
answer
authentication
question
Which of the following is one of the four basic forms of cryptographic attack?
answer
All of the following: Ciphertext-only attack; known-plaintext attack; chosen-plaintext attack; chosen-ciphertext attack.
question
True or false. The two basic types of ciphers are transposition and substitution.
answer
True
question
A _____ is used to detect forgeries.
answer
Hash value
question
DES, IDEA, RC4, and WEP are examples of ______.
answer
Symmetric algorithms[or standards]
question
A _____signature is a representation of a physical signature stored in a digital format.
answer
Digitized
question
Cryptography accomplishes four security goals:
answer
Confidentiality, integrity, authentication, and nonrepudiation.
question
______ is "the act of writing secret characters" according to Webster's dictionary.
answer
Cryptography
question
Cryptography deals with two types of information:
answer
1. Unencrypted information. 2. Encrypted information.
question
______is information in understandable form. Unencrypted information is plaintext, or cleartext.
answer
Unencrypted information.
question
____ is information in scrambled form. _____ is ciphertext.
answer
Encrypted information. Encrypted information.
question
________ is the act of scrambling plaintext into ciphertext.
answer
Encryption
question
_____ is the act of unscrambling ciphertext into plaintext.
answer
Decryption
question
An _____ is a repeatable process that produces the same result when it receives the same input. In encryption, it uses a known mathematical process to perform its function.
answer
algorithm
question
A ___ is an algorithm to encrypt or decrypt information.
answer
cipher
question
These types of algorithms have no decryption algorithms, these are _______.
answer
one-way algorithms.
question
The output of a one-way algorithm is a ____.
answer
hash.
question
Every cipher and any plaintext you want to encrypt needs a _____. There are multiple users utilizing the same cipher techniques; i.e., DES, RSA, Blowfish, randomizing.
answer
key
question
True or false: When using a key, the encryption cipher uses the cryptographic key to vary its output so that two correspondents can protect their information from anyone else who has the same cipher.
answer
True.
question
When using a key, by changing the key, you change the output of the _____function, even if the plaintext remains the same.
answer
cryptographic
question
Encryption falls into two general categories:
answer
1. Private[symmetric] key. 2. public[asymmetric] key
question
Those that use the same key to encrypt and decrypt are_____ciphers.
answer
private[symmetric] key
question
Those that use different keys to encrypt and decrypt are _____ciphers.
answer
public[asymmetric] key
question
The number of possible keys to a cipher is a ____.
answer
keyspace
question
Without any knowledge of the key, an attacker with access to an encrypted message and the decryption cipher could try every possible key to decode the message. This is a _____ attack.
answer
Brute-force.
question
Assuming the cipher has no mathematical weakness, a large ____ usually means more security.
answer
keyspace
question
The most scrutinized cipher in history is the ______, modern computing has searched its keyspace of 72 quadrillion keys without finding a single mathematical weakness.
answer
Data Encryption Standard[DES]
question
Cryptography is going to protect:
answer
1. Confidentiality. 2. Integrity. 3. Authentication. 4. Nonrepudiation.
question
_____ keeps information secret from all but authorized people.
answer
Confidentiality
question
______ ensures no one, even the sender, changes information after transmitting it.
answer
Integrity
question
Cryptography can enforce integrity with two techniques:
answer
1. Hashes, or 2. Checksum
question
A _____ is a one-way calculation of information that yields a result usually much smaller than the original message.
answer
checksum
question
_____ ensures integrity of the message.
answer
checksum
question
____ is difficult to duplicate, for example, the ____ of the phone number 1-800-555-1212 could be the sum of each digit, 30. If you change one digit, the ____ no longer matches the expected value. You would question the integrity.
answer
checksum; checksum; checksum
question
____ are a complex technique using a robust mathematical process that is hard to reverse-engineer.
answer
hashes
question
_____ confirms the identity of an entity through usernames and passwords.
answer
Authentication.
question
To be able to authenticate in a _______ cryptography world, parties must first securely distribute keys among themselves. Key word "shared"
answer
symmetric key
question
During authentication, they could use ______ cryptography to distribute the symmetric keys. Then they would use the symmetric keys for subsequent correspondence.
answer
asymmetric key
question
______ cryptography offers a simpler means of authentication.
answer
asymmetric key.
question
Along with confidentiality, _____ cryptography is the cornerstone of Internet commerce.
answer
Asymmetric key
question
______ enables you to prevent a party from denying a previous statement or action.
answer
non-repudiation
question
Asymmetric key exchange offers stronger ____.
answer
non-repudiation.
question
A key just for the sender creates a unique timestamp; this is _____.
answer
nonrepudiation.
question
Cryptanalysis mechanisms: you can break a cipher in two ways:
answer
1. analyzing the ciphertext to find the plaintext. 2. Analyze the ciphertext and its associated plaintext to find the key.
question
There are four basic forms of a cryptographic attack:
answer
1. Ciphertext-only attack[COA]. 2. Known Plain Text Attack [KPA]. 3. Chosen Plain Text Attack. 4. Chosen ciphertext attack.
question
In a _______, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data may be.
answer
ciphertext-only attack[COA]
question
In a _______ , the cryptanalyst possesses certain pieces of information before and after encryption.
answer
known plaintext attack[KPA]
question
_______ uses the ciphertext and the plaintext to analyze what the key is. [Before and after encryption data is available]
answer
Known plaintext attack[KPA]
question
*In a ______, the cryptanalyst can encrypt any information and observe the output.
answer
Chosen plaintext attack
question
** ____ is the best possible analysis.
answer
chosen plaintext attack
question
A _____ is a special case, it is particularly relevant to the asymmetric systems and hash functions.
answer
chosen ciphertext attack
question
Cryptanalysis has the following objectives:
answer
1. Derive the plaintext of a target message. 2. Determine the key used to encrypt a target message. 3. Derive the algorithm used by a particular cipher. 4. Solve the general mathematical problem underlying the cryptography.
question
In modern systems, the difficulty of breaking a cipher depends on the _____.
answer
complexity of keys
question
Ciphers come in two basic forms:
answer
1. Transposition ciphers. 2. Substitution ciphers.
question
A ______ rearranges characters or bits of data.
answer
transposition cipher
question
A _______ replaces bits, characters, or blocks of information with other bits, characters, or blocks.
answer
substitution cipher.
question
The "ATTACK AT DAWN" example on pg 313 is an example of a _____.
answer
Transposition cipher.
question
One of the simplest substitution ciphers is the _____.
answer
Caesar Cipher.
question
The _____ shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A. See pg 313.
answer
Caesar cipher.
question
A _______ uses a cipher alphabet that consists of a key word, less duplicates, followed by the remaining letters of the alphabet.
answer
keyword mixed alphabet cipher.
question
The _______ could encrypt every letter with its own substitution scheme.
answer
Vigenère cipher.
question
A _____ is a combination of multiple ciphers.
answer
product cipher
question
The _____ is a product cipher with a 56-bit key consisting of 16 iterations of substitutions and transformations.
answer
Data Encryption Standard[DES]
question
An _____ involves computing exponentials over a finite mathematical field.
answer
Exponentiation cipher
question
The _____ is an example of an exponentiation cipher.
answer
Rivest-Shamir-Adleman (RSA) encryption scheme
question
The _______ algorithm uses a public and private key pair. See example provided by professor.
answer
RSA[Rivest-Shamir-Adleman]
question
________ use the same key to encrypt and decrypt.
answer
Symmetric key cipher.
question
The ______ key technique does not scale well. See example on pg 316-317, Bob and Alice example.
answer
Symmetric.
question
____ uses a key pair, one for encryption, and the other for decryption.
answer
Asymmetric
question
______ are keys that you use only to encrypt other keys.
answer
Key encrypting key.
question
______ is a system that allows correspondents to communicate only over a public channel using publicly known techniques.
answer
public key cryptography.
question
_____ is a combination of a strong hash of a message, which acts as a fingerprint. You can combine this with a secret key from either a symmetric or asymmetric cryptosystem.
answer
digital signature
question
______ algorithms [or standards] are the most common form of encryption used.
answer
Symmetric key.
question
What are six of the symmetric algorithms currently in use?
answer
1. Data Encryption Standard[DES]. 2. Triple DES. 3. International Data Encryption Algorithm[IDEA]. 4. Blowfish. 5. Advanced Encryption Standard[AES]. 6. Variable Key Size Algorithm.
question
_____uses a 56-bit key and operates on 64-bit blocks of data.
answer
Data Encryption Standard[DES]
question
______ is a protocol that consists of three passes of DES using multiple keys.
answer
Triple DES.
question
____ increases the keyspace from 56 to 112 or 168 bits, depending on whether two or three keys are used.
answer
Triple DES.
question
______, like DES, operates on 64-bit blocks. However, it uses a 128-bit key and runs somewhat faster than DES on hardware and software.
answer
International Data Encryption Algorithm[IDEA]
question
______ is a 64-bit block cipher that has a variable length key from 32 to 448 bits. It is included in the Linux kernel.
answer
Blowfish.
question
_____ is a block cipher that can use cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits.
answer
Advanced Encryption Standard[AES]
question
____ uses RC2 and RC4, also known as Ron's code.
answer
Variable Key Size Algorithm.
question
The _____ is the standard wireless standards.
answer
802.11 Wireless Security
question
The 802.11 wireless protocols allow encryption through ____, which has a design weakness, including some key scheduling weakness in the RC4 encryption.
answer
Wired Equivalent Privacy[WEP]
question
To provide the best protection for wireless network traffic, always use____, never use ____.
answer
WPA, never use WEP.
question
The newer 802.11 wireless protocol is ____.
answer
Wifi Protected Access[WPA]
question
A ____ has its own service set identifier[SSID], which a client needs to know for access.
answer
WAP[Wifi Access Points]
question
Best way to protect Wireless Encryption Standard is to enable MAC address filtering, with a combination of _____.
answer
WPA[WiFi Protected Access]
question
The most scrutinized cipher in history is the ____.
answer
Data Encryption Standard (DES)
question
____ is a one-way calculation of information that yields a result usually much smaller than the original message.
answer
Checksum
question
A ___ is one of the simplest substitution ciphers. It shifts each letter in the English alphabet a fixed number of positions, with Z wrapping back to A.
answer
Caesar cipher
question
There are four basic forms of a cryptographic attack. In a ____, the cryptanalyst has access only to a segment of encrypted data, and has no choice as to what that data might be.
answer
Ciphertext-only attack(COA)
question
True or false. Unlike symmetric key algorithms, asymmetric algorithms can be fast and are well suited to encrypting lots of data.
answer
False
question
True or false: A salt value is a set of random characters that you can combine with an actual input key to create the encryption key.
answer
True
question
True or false: In an asymmetric key system, where everyone shares the same secret, compromising one copy of the key compromises all copies.
answer
False.
question
A ____ is used to detect forgeries.
answer
Hash value.
question
DES, IDEA, RC4, and WEP are examples of _____.
answer
Symmetric algorithms(or standards)
question
____ corroborates the identity of an entity, whether the sender, the sender's computer, some device, or some information.
answer
Authentication